Vulnerabilities (CVE)

Filtered by vendor Scalefusion Subscribe
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-51751 2 Microsoft, Scalefusion 2 Windows, Scalefusion 2024-11-21 N/A 6.8 MEDIUM
ScaleFusion 10.5.2 does not properly limit users to the Edge application because Alt-F4 can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode.
CVE-2023-51750 2 Microsoft, Scalefusion 2 Windows, Scalefusion 2024-11-21 N/A 4.6 MEDIUM
ScaleFusion 10.5.2 does not properly limit users to the Edge application because file downloads can occur. NOTE: the vendor's position is "Not vulnerable if the default Windows device profile configuration is used which utilizes modern management with website allow-listing rules."
CVE-2023-51749 1 Scalefusion 1 Scalefusion 2024-11-21 N/A 8.8 HIGH
ScaleFusion 10.5.2 does not properly limit users to the Edge application because a search can be made from a tooltip. NOTE: the vendor's position is "Not vulnerable if the default Windows device profile configuration is used which utilizes modern management with website allow-listing rules."
CVE-2023-51748 1 Scalefusion 1 Scalefusion 2024-11-21 N/A 8.8 HIGH
ScaleFusion 10.5.2 does not properly limit users to the Edge application because Ctrl-O and Ctrl-S can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode.
CVE-2023-50159 1 Scalefusion 1 Scalefusion 2024-11-21 N/A 8.8 HIGH
In ScaleFusion (Windows Desktop App) agent 10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode.